diff --git a/main/inc/lib/course.lib.php b/main/inc/lib/course.lib.php index 647e342aac..ff47026e4f 100755 --- a/main/inc/lib/course.lib.php +++ b/main/inc/lib/course.lib.php @@ -2956,8 +2956,8 @@ class CourseManager /** * Gets the value of a course extra field. Returns null if it was not found * - * @param string Name of the extra field - * @param string Course code + * @param string $variable Name of the extra field + * @param string $code Course code * * @return string Value */ @@ -3023,7 +3023,8 @@ class CourseManager public static function get_course_category($code) { $table_categories = Database::get_main_table(TABLE_MAIN_CATEGORY); - $sql = "SELECT * FROM $table_categories WHERE code = '$code';"; + $code = Database::escape_string($code); + $sql = "SELECT * FROM $table_categories WHERE code = '$code'"; return Database::fetch_array(Database::query($sql)); } @@ -3052,7 +3053,7 @@ class CourseManager * @return int $course_id The number of rows in the given table. * @deprecated */ - public static function count_rows_course_table($table, $session_id = '', $course_id = null) + public static function count_rows_course_table($table, $session_id = '', $course_id = 0) { $condition_session = ''; if ($session_id !== '') { @@ -3269,6 +3270,7 @@ class CourseManager $courses[$row['code']] = $row; } } + return $courses; } @@ -3397,6 +3399,7 @@ class CourseManager $html .= '
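Review bot: In `get_course_category()` the course code is still spliced into the SQL text after `Database::escape_string()`, so the query is safe only while the value stays inside the single quotes and the escaping matches the connection charset. If the `Database` wrapper exposes bound parameters, binding `$code` would remove that dependency; otherwise a comment such as `// $code is caller-supplied: keep it quoted and escaped` above the `$sql` line would record the constraint. The same string-built pattern remains in the hunk at -3612 (`'" . $user_category_id . "'`) and in the sessionmanager hunk at -3383 (`src.session_id = '$session_id'`); any cast or escape of those variables lies outside the visible lines and should be confirmed.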
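Review bot: The docblock above `count_rows_course_table()` still reads `@return int $course_id The number of rows in the given table.`, which names a parameter in the return tag; `@return int The number of rows in the given table.` would be accurate. With the default changing from `null` to `0`, a `@param int $course_id` line stating what `0` selects would also help. The body continues outside the hunk, so any `null`-specific check there (for example `is_null($course_id)`) would now behave differently for callers that omit the argument.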
' . $params['right_actions'] . '
'; $html .= ''; $html .= ''; + return $html; } @@ -3432,8 +3435,8 @@ class CourseManager * * Special courses are courses that stick on top of the list and are "auto-registerable" * in the sense that any user clicking them is registered as a student - * @param int User id - * @param bool Whether to show the document quick-loader or not + * @param int $user_id User id + * @param bool $load_dirs Whether to show the document quick-loader or not * @return string */ public static function returnSpecialCourses($user_id, $load_dirs = false) @@ -3441,9 +3444,7 @@ class CourseManager $user_id = intval($user_id); $tbl_course = Database::get_main_table(TABLE_MAIN_COURSE); $tbl_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER); - $special_course_list = self::get_special_course_list(); - $with_special_courses = ''; if (!empty($special_course_list)) { $with_special_courses = ' course.code IN ("' . implode('","', $special_course_list) . '")'; @@ -3462,8 +3463,9 @@ class CourseManager course_rel_user.user_id FROM $tbl_course course LEFT JOIN $tbl_course_user course_rel_user - ON course.id = course_rel_user.c_id AND course_rel_user.user_id = '$user_id' - WHERE $with_special_courses group by course.code"; + ON (course.id = course_rel_user.c_id) + WHERE course_rel_user.user_id = '$user_id' $with_special_courses + GROUP BY course.code"; $rs_special_course = Database::query($sql); $number_of_courses = Database::num_rows($rs_special_course); @@ -3566,7 +3568,7 @@ class CourseManager while ($row = Database::fetch_array($result)) { // We simply display the title of the category. - $courseInCategory = self:: returnCoursesCategories( + $courseInCategory = self::returnCoursesCategories( $row['id'], $load_dirs ); 
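Review bot: The new `WHERE course_rel_user.user_id = '$user_id' $with_special_courses` in `returnSpecialCourses()` puts the `IN` fragment directly after the user filter with no `AND`. The assignment visible in the preceding hunk starts with `' course.code IN ("'`, so unless it is changed elsewhere the statement is invalid SQL. Filtering on `course_rel_user.user_id` in `WHERE` also cancels the `LEFT JOIN`: special courses the user is not yet subscribed to are dropped, although the docblock describes them as auto-registerable by any user. Keeping the user condition in the join, `ON (course.id = course_rel_user.c_id AND course_rel_user.user_id = '$user_id')` followed by `WHERE $with_special_courses`, preserves both behaviours. The `IN` list comes from `implode('","', $special_course_list)` with no escaping, which relies on `get_special_course_list()` returning only trusted codes; the function body continues outside the hunk, so that could not be checked here.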
@@ -3612,22 +3614,21 @@ class CourseManager $without_special_courses = ' AND course.code NOT IN ("' . implode('","', $special_course_list) . '")'; } - //AND course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." $sql = "SELECT - course.id, - course.title, - course.code, - course.subscribe subscr, - course.unsubscribe unsubscr, - course_rel_user.status status, - course_rel_user.sort sort, - course_rel_user.user_course_cat user_course_cat - FROM $TABLECOURS course, - $TABLECOURSUSER course_rel_user, - $TABLE_ACCESS_URL_REL_COURSE url + course.id, + course.title, + course.code, + course.subscribe subscr, + course.unsubscribe unsubscr, + course_rel_user.status status, + course_rel_user.sort sort, + course_rel_user.user_course_cat user_course_cat + FROM $TABLECOURS course + INNER JOIN $TABLECOURSUSER course_rel_user + ON (course.id = course_rel_user.c_id) + INNER JOIN $TABLE_ACCESS_URL_REL_COURSE url + ON (url.c_id = course.id) WHERE - course.id = course_rel_user.c_id AND - url.c_id = course.id AND course_rel_user.user_id = '" . $user_id . "' AND course_rel_user.user_course_cat = '" . $user_category_id . "' $without_special_courses "; @@ -3999,7 +4000,9 @@ class CourseManager // Display the "what's new" icons $notifications = ''; - if ($course_visibility != COURSE_VISIBILITY_CLOSED && $course_visibility != COURSE_VISIBILITY_HIDDEN) { + if ($course_visibility != COURSE_VISIBILITY_CLOSED && + $course_visibility != COURSE_VISIBILITY_HIDDEN + ) { $notifications .= Display:: show_notification($course_info); } diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php index a1651ee60a..0c7ab9fe27 100755 --- a/main/inc/lib/sessionmanager.lib.php +++ b/main/inc/lib/sessionmanager.lib.php @@ -3141,6 +3141,7 @@ class SessionManager * @param bool $getOnlySessionId * @param bool $getSql * @param string $orderCondition + * @param string $keyword * @param string $description * * @return array sessions 
@@ -3383,7 +3384,7 @@ class SessionManager $sql = "SELECT $sqlSelect FROM $tbl_course c INNER JOIN $tbl_session_rel_course src - ON c.id = src.c_id + ON (c.id = src.c_id) WHERE src.session_id = '$session_id' "; if (!empty($course_name)) { diff --git a/main/inc/lib/usermanager.lib.php b/main/inc/lib/usermanager.lib.php index 6b8218865e..79d1196ce7 100755 --- a/main/inc/lib/usermanager.lib.php +++ b/main/inc/lib/usermanager.lib.php @@ -2616,9 +2616,9 @@ class UserManager sc.dateEnd AS session_category_date_end, s.coachAccessStartDate AS coach_access_start_date, s.coachAccessEndDate AS coach_access_end_date - FROM ChamiloCoreBundle:Session AS s + FROM ChamiloCoreBundle:Session AS s + INNER JOIN ChamiloCoreBundle:SessionRelCourseRelUser AS scu WITH scu.session = s LEFT JOIN ChamiloCoreBundle:SessionCategory AS sc WITH s.category = sc - LEFT JOIN ChamiloCoreBundle:SessionRelCourseRelUser AS scu WITH scu.session = s WHERE scu.user = :user OR s.generalCoach = :user ORDER BY sc.name, s.name"; @@ -2992,7 +2992,6 @@ class UserManager /* This query is very similar to the query below, but it will check the session_rel_course_user table if there are courses registered to our user or not */ - $sql = "SELECT DISTINCT c.visibility, c.id as real_id, 
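Review bot: Changing `SessionRelCourseRelUser` to an `INNER JOIN` in the usermanager query at -2616 means the `OR s.generalCoach = :user` branch of the `WHERE` can no longer match sessions that have no `scu` rows. A general coach of a session without course-user subscriptions would stop getting that session back. If those sessions must still be listed, keep `LEFT JOIN ChamiloCoreBundle:SessionRelCourseRelUser AS scu WITH scu.session = s`. The DQL string and the enclosing method both start and end outside the hunk, so how the result is consumed could not be checked.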
@@ -3058,12 +3057,12 @@ class UserManager } if (api_is_drh()) { - $session_list = SessionManager::get_sessions_followed_by_drh($user_id); - $session_list = array_keys($session_list); - if (in_array($session_id, $session_list)) { - $course_list = SessionManager::get_course_list_by_session_id($session_id); - if (!empty($course_list)) { - foreach ($course_list as $course) { + $sessionList = SessionManager::get_sessions_followed_by_drh($user_id); + $sessionList = array_keys($sessionList); + if (in_array($session_id, $sessionList)) { + $courseList = SessionManager::get_course_list_by_session_id($session_id); + if (!empty($courseList)) { + foreach ($courseList as $course) { if (!in_array($course['id'], $courses)) { $personal_course_list[] = $course; } @@ -3074,9 +3073,9 @@ class UserManager //check if user is general coach for this session $sessionInfo = api_get_session_info($session_id); if ($sessionInfo['id_coach'] == $user_id) { - $course_list = SessionManager::get_course_list_by_session_id($session_id); - if (!empty($course_list)) { - foreach ($course_list as $course) { + $courseList = SessionManager::get_course_list_by_session_id($session_id); + if (!empty($courseList)) { + foreach ($courseList as $course) { if (!in_array($course['id'], $courses)) { $personal_course_list[] = $course; }